1998 seems like a lifetime ago, where e-commerce was a fantasy for ordinary people just discovering the internet. Yet 1998 was year zero for the European Union’s Data Protection Directive – the basis for legislation protecting personal data across member states today.

But over the past two decades, digitalisation has detonated a data explosion, giving rise to data mining on a level of sophistication and scale that was unthinkable at the time the directive was conceived. In keeping with the spirit of our globalised age, data, like everything else, is ‘big’ – and so are the threats.